feat(guardian): Implement POST sign_out endpoint to revoke tokens (#29)

Gabrielparizet · Nov 11, 2024 · 7c55e1c · 7c55e1c
1 parent 8059708
commit 7c55e1c
Show file tree

Hide file tree

Showing 7 changed files with 56 additions and 1 deletion.
diff --git a/lib/book_my_gigs/guardian.ex b/lib/book_my_gigs/guardian.ex
@@ -42,4 +42,14 @@ defmodule BookMyGigs.Guardian do
 
     {:ok, account, token}
   end
+
+  def sign_out(token) do
+    case decode_and_verify(token) do
+      {:ok, _claims} ->
+        {:ok, nil}
+
+      {:error, _reason} ->
+        {:error, :invalid_token}
+    end
+  end
 end
diff --git a/lib/book_my_gigs/users.ex b/lib/book_my_gigs/users.ex
@@ -44,7 +44,8 @@ defmodule BookMyGigs.Users do
     users = Storage.get_users()
 
     users
-    |> Enum.map(&get_user_location(&1))
+    |> Enum.map(&get_user_location/1)
+    |> Enum.map(&get_user_genres/1)
     |> Enum.map(&to_context_struct/1)
   end
 

diff --git a/lib/book_my_gigs_web/accounts/accounts_controller.ex b/lib/book_my_gigs_web/accounts/accounts_controller.ex
@@ -170,4 +170,42 @@ defmodule BookMyGigsWeb.AccountsController do
         |> send_resp(401, response)
     end
   end
+
+  operation(:sign_out,
+    summary: "Sign out",
+    parameters: [
+      authorization: [
+        in: :header,
+        description: "Bearer token",
+        type: :string,
+        required: true
+      ]
+    ],
+    responses: [
+      ok: "Successfully signed out",
+      unauthorized: "Invalid token"
+    ]
+  )
+
+  def sign_out(conn, _params) do
+    case get_req_header(conn, "authorization") do
+      ["Bearer " <> token] ->
+        case BookMyGigs.Guardian.sign_out(token) do
+          {:ok, _} ->
+            conn
+            |> put_resp_content_type("application/json")
+            |> send_resp(200, Jason.encode!(%{message: "Successfully signed out"}))
+
+          {:error, _reason} ->
+            conn
+            |> put_resp_content_type("application/json")
+            |> send_resp(401, Jason.encode!(%{error: "Invalid token"}))
+        end
+
+      _ ->
+        conn
+        |> put_resp_content_type("application/json")
+        |> send_resp(401, Jason.encode!(%{error: "No token provided"}))
+    end
+  end
 end
diff --git a/lib/book_my_gigs_web/router.ex b/lib/book_my_gigs_web/router.ex
@@ -41,6 +41,9 @@ defmodule BookMyGigsWeb.Router do
     # SIGN IN TO SESSION
     post "/accounts/sign_in", AccountsController, :sign_in
 
+    # SIGN OUT OF SESSION
+    post "/accounts/sign_out", AccountsController, :sign_out
+
     # LOCATIONS PUBLIC ROUTES
     get "/locations", LocationsController, :get_locations_names
 

diff --git a/lib/book_my_gigs_web/users/users_controller.ex b/lib/book_my_gigs_web/users/users_controller.ex
@@ -20,6 +20,7 @@ defmodule BookMyGigsWeb.UsersController do
   def get(conn, _params) do
     users =
       Users.get_users()
+      |> IO.inspect(label: "HERE")
       |> Jason.encode!()
 
     conn

diff --git a/mix.exs b/mix.exs
@@ -64,6 +64,7 @@ defmodule BookMyGigs.MixProject do
       {:dns_cluster, "~> 0.1.1"},
       {:bandit, "~> 1.2"},
       {:guardian, "~> 2.3.2"},
+      {:guardian_db, "~> 2.0"},
       {:open_api_spex, "~> 3.11"},
       {:excoveralls, "~> 0.18", only: :test},
       {:credo, "~> 1.7", only: [:dev, :test], runtime: false},

diff --git a/mix.lock b/mix.lock
@@ -22,6 +22,7 @@
   "floki": {:hex, :floki, "0.36.2", "a7da0193538c93f937714a6704369711998a51a6164a222d710ebd54020aa7a3", [:mix], [], "hexpm", "a8766c0bc92f074e5cb36c4f9961982eda84c5d2b8e979ca67f5c268ec8ed580"},
   "gettext": {:hex, :gettext, "0.26.1", "38e14ea5dcf962d1fc9f361b63ea07c0ce715a8ef1f9e82d3dfb8e67e0416715", [:mix], [{:expo, "~> 0.5.1 or ~> 1.0", [hex: :expo, repo: "hexpm", optional: false]}], "hexpm", "01ce56f188b9dc28780a52783d6529ad2bc7124f9744e571e1ee4ea88bf08734"},
   "guardian": {:hex, :guardian, "2.3.2", "78003504b987f2b189d76ccf9496ceaa6a454bb2763627702233f31eb7212881", [:mix], [{:jose, "~> 1.8", [hex: :jose, repo: "hexpm", optional: false]}, {:plug, "~> 1.3.3 or ~> 1.4", [hex: :plug, repo: "hexpm", optional: true]}], "hexpm", "b189ff38cd46a22a8a824866a6867ca8722942347f13c33f7d23126af8821b52"},
+  "guardian_db": {:hex, :guardian_db, "2.1.0", "ec95a9d99cdd1e550555d09a7bb4a340d8887aad0697f594590c2fd74be02426", [:mix], [{:ecto, "~> 3.0", [hex: :ecto, repo: "hexpm", optional: false]}, {:ecto_sql, "~> 3.1", [hex: :ecto_sql, repo: "hexpm", optional: false]}, {:guardian, "~> 1.0 or ~> 2.0", [hex: :guardian, repo: "hexpm", optional: false]}, {:postgrex, "~> 0.13", [hex: :postgrex, repo: "hexpm", optional: true]}], "hexpm", "f8e7d543ac92c395f3a7fd5acbe6829faeade57d688f7562e2f0fca8f94a0d70"},
   "heroicons": {:git, "https://github.com/tailwindlabs/heroicons.git", "88ab3a0d790e6a47404cba02800a6b25d2afae50", [tag: "v2.1.1", sparse: "optimized", depth: 1]},
   "hpax": {:hex, :hpax, "1.0.0", "28dcf54509fe2152a3d040e4e3df5b265dcb6cb532029ecbacf4ce52caea3fd2", [:mix], [], "hexpm", "7f1314731d711e2ca5fdc7fd361296593fc2542570b3105595bb0bc6d0fad601"},
   "jason": {:hex, :jason, "1.4.4", "b9226785a9aa77b6857ca22832cffa5d5011a667207eb2a0ad56adb5db443b8a", [:mix], [{:decimal, "~> 1.0 or ~> 2.0", [hex: :decimal, repo: "hexpm", optional: true]}], "hexpm", "c5eb0cab91f094599f94d55bc63409236a8ec69a21a67814529e8d5f6cc90b3b"},